61521243662ad344fec198ccf4b4af18_JC[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

61521243662ad344fec198ccf4b4af18_JC.bin
Size

653KB
MD5

498039fc249c8177d3e80deca64e62ef
SHA1

5860a618e86f49fccb5244ec6d1e4c933f153cfe
SHA256

59412c9dc1e55579459f9db26d6e59ac4403f4df90b2b4181f7a8bf5070dc5c2
SHA512

3abc22c3d6c36ab765b7f0bd7714a380b489ca5f42996460288bc705454cb4607f4a3dfd596dad10e189af802f6edf208f608c06ab3ac0af35c116dcf0d85639
SSDEEP

12288:SekoHfWa9H+4glvrZFAWk9Hww7ZjvFJ5srQ5D8IGd:SekoH+a9e9xlOWG7XJ+KD8IGd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Profoma Invoice 002.exe

Files

61521243662ad344fec198ccf4b4af18_JC.bin
.zip

Password: infected
4dd1a60ac2f17ea4c2e5a8a46450b16b8a983db09ec54349154d386453a01dba.zip
.zip
Profoma Invoice 002.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 171KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ